NSA PRISM snoop-gate: Won't someone think of the children, wails Apple

10,000 things probed, mostly about missing kids, Alzheimer patients, we're told

Next gen security for virtualised datacentres

Apple has joined Facebook and Microsoft in revealing it has received thousands of requests for sensitive user data from US investigators in less than a year.

And like the two other giants, the fruity computer company is vague about the details.

A statement from Cupertino marks another attempt to diffuse the ongoing row over PRISM - the NSA's controversial project that taps up Apple and other internet goliaths for personal information on foreigners. The reveal tries to put a positive spin the iPhone-maker's close cooperation with cops and spies.

The cloud-powered iPad-slinger said it had dealt with between 4,000 and 5,000 surveillance requests from the US government since December 2012. These requests covered between 9,000 and 10,000 accounts or devices and came from federal, state and local authorities - the cases concerned had to do with both criminal investigations and national security matters.

"The most common form of request comes from police investigating robberies and other crimes, searching for missing children, trying to locate a patient with Alzheimer’s disease, or hoping to prevent a suicide," Apple said in a public statement. "Regardless of the circumstances, our Legal team conducts an evaluation of each request and, only if appropriate, we retrieve and deliver the narrowest possible set of information to the authorities."

Apple claimed that iMessage, FaceTime, map search, location and Siri data remains private. In the case of Facetime and iMessage, this is thanks to end-to-end encryption, we're told. Map searches, location data and Siri queries are not retained by the company in a way that can identify a person, Cupertino insists. Files held in Apple's iCloud is another matter, it seems.

'We have never heard of PRISM'

Apple, Facebook and Google were among nine tech firms named as having participated (wittingly or unwittingly) in the controversial NSA PRISM we surveillance programme. The 41-page presentation was given in April this year and made public by the Washington Post.

The Apple statement, although it reveals the number of requests Cupertino complied with, it continues to deny allowing gov bods to access its servers, stating: "We first heard of the government’s 'Prism' program when news organizations asked us about it on June 6."

Since the exposure of the programme through the actions of former CIA contractor Edward Snowden, US tech firms have been lobbying the government to allow them to provide more details to their customers on the extent to which they have helped the authorities with their inquiries. Spy chiefs were against this disclosure but politicians appear to have overruled them and allowed tech giants to provide more details on wiretap requests than had been permitted with previous transparency reports from the likes of Google and Microsoft.

This move is clearly designed, at least in part, to reassure businesses and consumers that data held by US technology firms is not subject to dragnet surveillance, a concern that might prompt enterprises and international consumers to look for alternatives to US-based services.

Facebook released a similar set of data to Apple on Friday, saying it received 9,000 to 10,000 requests for user data from US authorities (local, state and federal) in the second half of 2012. These requests covered 18,000 to 19,000 of its users' accounts. "These requests run the gamut – from things like a local sheriff trying to find a missing child, to a federal marshal tracking a fugitive, to a police department investigating an assault, to a national security official investigating a terrorist threat," Facebook said in a statement.

The social network claimed that its lawyers guarded users' privacy jealously against these requests. "We’ve reiterated in recent days that we scrutinize every government data request that we receive – whether from state, local, federal, or foreign governments. We’ve also made clear that we aggressively protect our users’ data when confronted with such requests: we frequently reject such requests outright, or require the government to substantially scale down its requests, or simply give the government much less data than it has requested. And we respond only as required by law," it said.

Microsoft, meanwhile, said it had handled 6,000 to 7,000 criminal and national security requests from US authorities affecting 31,000 to 32,000 accounts over the last six months of 2012. Redmond said the figures were an amalgamation of statistics from requests from US local, state and federal authorities. It said the figures included more on national security requests than previously provided while stating that the government has still not allowed it to be completely candid.

"For the first time, we are permitted to include the total volume of national security orders, which may include FISA orders, in this reporting. We are still not permitted to confirm whether we have received any FISA orders, but if we were to have received any they would now be included in our aggregate volumes," Microsoft said in a statement.

"We are permitted to publish data on national security orders received (including, if any, FISA Orders and FISA Directives), but only if aggregated with law enforcement requests from all other US local, state and federal law enforcement agencies; only for the six-month period of July 1, 2012 thru December 31, 2012; only if the totals are presented in bands of 1,000; and [only if] all Microsoft consumer services had to be reported together." ®

The essential guide to IT transformation

More from The Register

next story
The Return of BSOD: Does ANYONE trust Microsoft patches?
Sysadmins, you're either fighting fires or seen as incompetents now
Microsoft: Azure isn't ready for biz-critical apps … yet
Microsoft will move its own IT to the cloud to avoid $200m server bill
Oracle reveals 32-core, 10 BEEELLION-transistor SPARC M7
New chip scales to 1024 cores, 8192 threads 64 TB RAM, at speeds over 3.6GHz
US regulators OK sale of IBM's x86 server biz to Lenovo
Now all that remains is for gov't offices to ban the boxes
Object storage bods Exablox: RAID is dead, baby. RAID is dead
Bring your own disks to its object appliances
Nimble's latest mutants GORGE themselves on unlucky forerunners
Crossing Sandy Bridges without stopping for breath
prev story


Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
BYOD's dark side: Data protection
An endpoint data protection solution that adds value to the user and the organization so it can protect itself from data loss as well as leverage corporate data.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?